Bug #107552 Documentation typo in variable Name
Submitted: 13 Jun 2022 16:43
Modified: 29 Jun 2022 10:32
Reporter: Maite Gonzalez Mendoza
Status: Not a Bug
Category: Connector / J Documentation
Severity: S3 (Non-critical)
Version: 8.0.28+
OS: Debian
Assigned to: Filipe Silva
CPU Architecture: Any
Tags: cipher suites, spring boot, SSL, tls, tlsCiphersuites

[13 Jun 2022 16:43] Maite Gonzalez Mendoza
Description:
The documentation (https://dev.mysql.com/doc/connector-j/8.0/en/connector-j-reference-using-ssl.html) says:

"Since Connector/J 8.0.28, the connection property enabledTLSProtocols has been renamed to tlsVersions, and enabledSSLCipherSuites has been renamed to tlsCiphersuites; the original names remain as aliases."

But when attempting to connect using the Spring Boot framework, the "tlsCiphersuites" name does not work, whereas when using tlsCipherSuites (with a capital S in 'suites') it works.

How to repeat:
Try to connect using this line in application.properties:

doesn't work:

spring.datasource.url=jdbc:mysql://<host>:<port>/<schema>?tlsVersions=TLSv1.2&tlsCiphersuites=DHE-RSA-AES256-SHA

works:
spring.datasource.url=jdbc:mysql://<host>:<port>/<schema>?tlsVersions=TLSv1.2&tlsCipherSuites=DHE-RSA-AES256-SHA

Suggested fix:
Change the documentation to say "tlsCipherSuites" instead of "tlsCiphersuites"

[29 Jun 2022 10:32] Filipe Silva
Hi Maite, thanks for your interest in MySQL Connector/J.

There's nothing wrong with the property name. The correct one is "tlsCiphersuites".

Your first example doesn't work because you specified a cipher suite not recognized by Java. The names you can use here are a subset of the cipher suites officially supported by Java: https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEP.... So, in your case, you should probably use: "tlsVersions=TLSv1.2&tlsCiphersuites=TLS_DHE_RSA_WITH_AES_256_CBC_SHA256".

Your second case works simply because "tlsCipherSuites" is not a recognized connection property and so Connector/J ignores it. In this case the TLS negotiation happens without considering your cipher suite selection.

I hope this clarifies it.
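
The two failure modes described in the reply above (a cipher suite value that Java does not recognize, and a misspelled property name that is ignored so the connection succeeds without the intended restriction) can be caught before deployment. The following is an added example, not code from the bug report or from Connector/J: it checks a JDBC URL against the four TLS property names quoted in the documentation excerpt and against the cipher suite names the local JVM supports. The class name, the sample host and schema, and the treatment of the value as a comma-separated list without URL decoding are assumptions of this example.

```java
import java.util.*;
import javax.net.ssl.SSLContext;

// Added example: hypothetical pre-deployment check, not part of Connector/J.
public class JdbcTlsPropertyCheck {
    // Property names quoted from the documentation excerpt in the report (exact case).
    static final List<String> CIPHER_PROPS = Arrays.asList("tlsCiphersuites", "enabledSSLCipherSuites");
    static final List<String> VERSION_PROPS = Arrays.asList("tlsVersions", "enabledTLSProtocols");

    static List<String> check(String jdbcUrl, Set<String> jsseSuites) {
        List<String> findings = new ArrayList<>();
        int q = jdbcUrl.indexOf('?');
        if (q < 0) return findings;
        List<String> known = new ArrayList<>(CIPHER_PROPS);
        known.addAll(VERSION_PROPS);
        for (String pair : jdbcUrl.substring(q + 1).split("&")) {
            String[] kv = pair.split("=", 2);
            String name = kv[0];
            String value = kv.length > 1 ? kv[1] : "";
            if (CIPHER_PROPS.contains(name)) {
                // Values must be JSSE names; assumed here to be a comma-separated list.
                for (String suite : value.split(",")) {
                    if (!jsseSuites.contains(suite.trim())) {
                        findings.add(name + ": '" + suite.trim() + "' is not a cipher suite name known to this JVM");
                    }
                }
            } else if (!VERSION_PROPS.contains(name)) {
                // A name that differs only in letter case is not the same property.
                for (String k : known) {
                    if (k.equalsIgnoreCase(name)) {
                        findings.add("'" + name + "' is not '" + k + "'; the TLS setting would not be applied");
                    }
                }
            }
        }
        return findings;
    }

    public static void main(String[] args) throws Exception {
        Set<String> jsse = new HashSet<>(Arrays.asList(
                SSLContext.getDefault().getSupportedSSLParameters().getCipherSuites()));
        // Constructed URLs mirroring the three spellings discussed in the thread.
        String base = "jdbc:mysql://db.example.test:3306/app?tlsVersions=TLSv1.2&";
        for (String tail : Arrays.asList("tlsCiphersuites=DHE-RSA-AES256-SHA",
                "tlsCipherSuites=DHE-RSA-AES256-SHA",
                "tlsCiphersuites=TLS_DHE_RSA_WITH_AES_256_CBC_SHA256")) {
            System.out.println(tail + " -> " + check(base + tail, jsse));
        }
    }
}
```

An empty findings list for a URL means only that the TLS property names and cipher suite names passed these two checks; confirming the suite actually negotiated still requires inspecting the live connection.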